<?php
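// Customer controller fragment: shows the customer profile/registration form
// ("info", the default) or turns the current cart into an order ("order").
// The views it includes share this scope, so the raw (unescaped) variable names
// used below are kept and separate *_sql copies are used in queries.
//
// NOTE(review): assumes the including page has already called session_start()
// and opened the MySQL connection; confirm. The removed session_register()
// calls used to start the session implicitly.
// NOTE(review): mysql_real_escape_string() is only reliable when the connection
// character set is set with mysql_set_charset(); verify in the connection code.
// NOTE(review): the "order" action changes state and no anti-CSRF token is
// checked in this file; confirm that one is enforced elsewhere.

// A missing "act" parameter is treated like the default "info" action.
$act=(isset($_GET["act"]) && is_string($_GET["act"])) ? $_GET["act"] : "";

if($act=="" || $act=="info"){
	// Logged-in customers (both session keys present) see their stored profile,
	// everyone else gets the customer form.
	if(isset($_SESSION["email"]) && isset($_SESSION["idkh"])){
		$email=$_SESSION["email"];
		// Escape even session-held values before they reach a SQL string.
		$email_sql=mysql_real_escape_string($email);
		$sql=mysql_query("select email,tenkh,cmnd,diachi,tel,ngaydk from customer where email='$email_sql'");
		$row=mysql_fetch_row($sql);
		include("view/info.php");
	}else{
		include("view/customer.php");
	}

}elseif($act=="order"){
	// Read every form field once; absent or non-string values (e.g. field[]=x)
	// become "" so they cannot reach the escaping function as arrays.
	$form=array();
	foreach(array("txtemail","txthoten","txtcmnd","txtdiachi","txtdienthoai","thanhtoan","txtdcgiaohang","ghichu","txtpass","txtrepass") as $f){
		$form[$f]=(isset($_POST[$f]) && is_string($_POST[$f])) ? $_POST[$f] : "";
	}

	$id=isset($_SESSION["idkh"]) ? $_SESSION["idkh"] : "";
	$dangnhap=isset($_SESSION["email"]);
	// A logged-in customer's e-mail always comes from the session, never the form.
	$email=$dangnhap ? $_SESSION["email"] : $form["txtemail"];

	$hoten=$form["txthoten"];
	$cmnd=$form["txtcmnd"];
	$diachi=$form["txtdiachi"];
	$dienthoai=$form["txtdienthoai"];
	// "H:i:s" = 24-hour, minutes, seconds. The previous "h:m:s" stored the
	// month number in the minutes position and a 12-hour hour without AM/PM.
	$ngay=date("Y-m-d H:i:s");

	$thanhtoan=$form["thanhtoan"];
	$dcgiaohang=$form["txtdcgiaohang"];
	$ghichu=$form["ghichu"];

	//=============== INPUT VALIDATION ====================//
	if($hoten==""){
		echo "<script language=\"javascript1.2\"> alert('Họ tên không được để trống !!!!!!!');</script> ";
		include("view/customer.php");
	}elseif($cmnd==""){
		echo "<script language=\"javascript1.2\"> alert('Bạn chưa nhập chứng minh của bạn !!!!!!!');</script> ";
		include("view/customer.php");
	}elseif($diachi==""){
		echo "<script language=\"javascript1.2\"> alert('Địa chỉ không được để trống !!!!!!!');</script> ";
		include("view/customer.php");
	}elseif($dcgiaohang==""){
		echo "<script language=\"javascript1.2\"> alert('Địa chỉ giao hàng không được để trống !!!!!!!');</script> ";
		include("view/customer.php");
	}else{
		//=====================================================//
		// SQL-safe copies of everything that is interpolated into a query.
		// Every value is also quoted in the statements below, including cmnd
		// and tel, which the original INSERT interpolated unquoted.
		$email_sql=mysql_real_escape_string($email);
		$hoten_sql=mysql_real_escape_string($hoten);
		$cmnd_sql=mysql_real_escape_string($cmnd);
		$diachi_sql=mysql_real_escape_string($diachi);
		$dienthoai_sql=mysql_real_escape_string($dienthoai);
		$thanhtoan_sql=mysql_real_escape_string($thanhtoan);
		$dcgiaohang_sql=mysql_real_escape_string($dcgiaohang);
		$ghichu_sql=mysql_real_escape_string($ghichu);
		$id_sql=mysql_real_escape_string($id);

		// Set to false when registration is rejected, so that no order is
		// created after an error message has been shown.
		$hople=true;

		if($dangnhap){
			$sql=mysql_query("update customer set tenkh='$hoten_sql',cmnd='$cmnd_sql',tel='$dienthoai_sql',diachi='$diachi_sql' where email='$email_sql'");
		}else{
			$pass=$form["txtpass"];
			$repass=$form["txtrepass"];
			$hieuluc=true;

			// The original compared $email with $row[0], but $row is never
			// populated in this branch. Look the address up explicitly. An
			// address that already has an account is rejected: a visitor who
			// is not logged in must not update someone else's profile or place
			// an order under that address.
			$tontai=mysql_query("select email from customer where email='$email_sql'");
			$existing=$tontai ? mysql_fetch_row($tontai) : false;

			if($existing){
				echo "<b><font color=red>Địa chỉ email này đã tồn tai bạn hãy lấy địa chỉ email khác!</font></b><br><br>";
				include("view/customer.php");
				$hople=false;
			}elseif(!check_mail($email)){
				echo "<b><font color=red>Địa chỉ email của bạn không hợp lệ!</b><br><br>";
				include("view/customer.php");
				$hople=false;
			}elseif($pass!=$repass){
				echo "<b><font color=red>Mật khẩu bạn nhập vào không khớp!</b><br><br>";
				include("view/customer.php");
				$hople=false;
			}else{
				// SECURITY NOTE(review): the password is stored exactly as
				// typed. It should be stored as a salted, slow hash, changed
				// together with the login code that compares it (not visible
				// in this file).
				$pass_sql=mysql_real_escape_string($pass);
				$kh=mysql_query("insert into customer(tenkh,cmnd,diachi,email,tel,ngaydk,pass,hieuluc) values('$hoten_sql','$cmnd_sql','$diachi_sql','$email_sql','$dienthoai_sql','$ngay','$pass_sql',$hieuluc)");
			}
		}

		if($hople){
			// Order total, taken from the cart rows of this customer id.
			$tongtien=mysql_query("select sum(soluong)as tong,sum(tongtien)as ttien from cart where idkh='$id_sql'");
			$tt=mysql_fetch_row($tongtien);
			$ttien=$tt[1];
			// SUM() yields NULL for an empty cart, which used to produce an
			// invalid INSERT; only a numeric literal is interpolated now.
			// NOTE(review): an empty cart therefore creates an order with
			// total 0 - consider blocking checkout before this point.
			$ttien_sql=is_numeric($ttien) ? $ttien : 0;
			$addh=mysql_query("insert into tborder(emailkh,ngaydat,tongtien,htttoan,dcgiaohang,tinhtrang) values('$email_sql','$ngay',$ttien_sql,'$thanhtoan_sql','$dcgiaohang_sql',0)");

			// NOTE(review): reading back the highest maddh can return another
			// customer's order when two checkouts overlap or when the INSERT
			// above failed. If maddh is AUTO_INCREMENT (not visible here),
			// mysql_insert_id() after a successful INSERT would avoid that.
			$dh=mysql_query("select maddh from tborder ORDER BY maddh DESC limit 0,1");
			$rows=mysql_fetch_row($dh);
			$madh=$rows[0];
			$madh_sql=mysql_real_escape_string($madh);

			// Copy each cart line into the order details.
			$result=mysql_query("select * from cart where idkh='$id_sql'");
			while($cs=mysql_fetch_row($result)){
				// Cart values come from the database but are escaped again so
				// that stored data cannot alter this statement.
				$c=array_map("mysql_real_escape_string",$cs);
				$donhangct=mysql_query("insert into orderdetail values('$madh_sql','$c[0]','$c[2]','$c[1]','$c[3]','$ghichu_sql')");
			}

			// Remember the order id and e-mail for the order detail page.
			// Only $_SESSION is written; the former session_register() calls
			// were redundant next to these assignments.
			$dh=$madh;
			$_SESSION["dh"]=$madh;

			$mail=$email;
			$_SESSION["mail"]=$email;

			// Still printed before the redirect as in the original, but
			// HTML-escaped because the e-mail can be visitor-supplied.
			echo htmlspecialchars($mail,ENT_QUOTES,"UTF-8");
			echo htmlspecialchars($madh,ENT_QUOTES,"UTF-8");
			echo "<script language=\"javascript1.2\"> location.href=\"index.php?page=detailorder\";</script> ";
		}
	}

}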
?>